Monday November 19, 2018

Washington News

IRS Warns of Scam Targeting Tax Professionals

On January 9, the IRS released a warning to tax professionals in IR-2018-2 after receiving numerous reports of heightened fraud activity. The reports reveal that cybercriminals are sending emails posing as potential clients or the IRS in an effort to lure sensitive client data from tax practitioners.

In recent days, tax professionals have contacted the IRS after receiving fraudulent emails from cyber thieves posing as potential clients. The thief will often send an introductory email followed by a second email containing a phishing link, or an attached document containing a phishing link, claiming his or her tax data is enclosed. If clicked, the link or attachment could install malware on the tax professional's computer and enable the cybercriminal to gain access to the practitioner's client accounts and sensitive data.

After several data breaches last year, the IRS is cautioning tax practitioners to be on high alert this tax filing season. Cybercriminals may attempt to use illegally obtained client data to impersonate taxpayers and file fraudulent returns to obtain tax refunds.

In the past, criminals have been able to collect tax payers' names, Social Security numbers and email addresses in similar data breaches. The IRS says that, if in doubt, tax practitioners should call to confirm a client's identity.

The IRS has also received reports of criminals posing as IRS e-Services representatives in an attempt to obtain tax professionals' e-Services usernames and passwords. The IRS urges all e-Services account holders to upgrade to the IRS's more secure identify-proofing process called "Secure Access."

Tax professionals are urged to forward suspected phishing emails to phishing@irs.gov and to remember that the IRS will not send unsolicited emails.